Use this page to determine
the location of the certificate
revocation list (CRL) known to the application server. The Application
Server checks the CRL to determine the validity of the client certificate.
A certificate that is found in a certificate revocation list might
not be expired, but is no longer trusted by the certificate authority
(CA) that issued the certificate. The CA might add the certificate
to the certificate revocation list if it believes that the client
authority is compromised.
View the administrative console panel for the collection
certificate store on the cell level.
- Click .
- Under
additional properties, click Collection certificate
store.
- Click the name of a configured collection
certificate store or
create a new collection certificate store first.
- Under Additional
properties, click to
specify the path to a new list or click the name of the certificate
revocation list to modify its path.
View the administrative
console panel for the collection certificate
store on the server level.
- Click .
- Under Security, click JAX-WS and JAX-RPC security runtime.
Mixed-version environment: In a mixed node cell with a server using Websphere
Application Server version 6.1 or earlier, click
Web services:
Default bindings for Web Services Security.
mixv
- Under
Additional properties, click Collection certificate
store.
- Click the name of a configured collection
certificate store or
create a new collection certificate store first.
- Under Additional
properties, click to
specify the path to a new list or click the name of the certificate
revocation list to modify its path.
View
the administrative console page for the collection
certificate store on the application level.
- Click .
- Under Modules, click .
- Under Web Services Security Properties, you can access collection
certificate stores for the following bindings:
- For the Request
generator, click Web services: Client
security bindings. Under Request generator (sender) binding,
click .
- For the Request
consumer, click Web services: Server
security bindings. Under Request consumer (receiver) binding,
click .
- For the Response
generator, click Web services: Server
security bindings. Under Response generator (sender) binding,
click .
- For the Response
consumer, click Web services: Client
security bindings. Under Response consumer (receiver)
binding, click .
- Click the name of a configured collection certificate store or
create a new collection certificate store first.
- Under Additional
properties, click to
specify the path to a new list or click the name of the certificate
revocation list to modify its path.
- Under Additional properties,
you can access collection certificate
stores for the following bindings:
- For the Response receiver
binding, click Web services:
Client security bindings. Under Response receiver binding,
click Edit.
- Under Additional properties,
click .
- Under Additional properties, click X.509
certificates.
- Click New and specify the
path to the certificate revocation
list.